Banks, dam targeted by Iranian hackers, US says; 7 charged

U.S. ties seven to Iran government

WASHINGTON — The United States charged seven alleged hackers linked to the Iranian government with executing large-scale coordinated cyberattacks on dozens of banks as well as a small dam outside New York City — intrusions that law enforcement officials said reached into America’s infrastructure, disrupted the nation’s financial system and cost tens of millions of dollars.

Indictments announced Thursday by the Justice Department show a determination by overseas hackers to cripple vital U.S. interests, officials said, and marked the first time the FBI attributed a breach of a U.S. computer system that controls critical infrastructure to a hacker linked to a foreign government.

The seven are accused of infecting thousands of people’s computers with malware to create a network of zombie computers, which they used to overwhelm the servers of major institutions and knock them offline. Those included Bank of America, NASDAQ and the New York Stock Exchange.

“The attacks were relentless, systematic and widespread,” Attorney General Loretta Lynch said. “They threatened our economic well-being and our ability to compete fairly in the global marketplace, both of which are directly linked to our national security.”

One of the alleged hackers is accused of repeatedly gaining access to the control system of the Bowman Avenue Dam, a small structure in Rye Brook, about 20 miles north of New York City. Officials termed his access “a frightening frontier on cybercrime” and said he would have been able to operate a digitally controlled sluice gate, flooding portions of the city of Rye, but the gate had been disconnected for maintenance.

The indictments stem from intrusions between 2011 and 2013 that officials say targeted 46 victims, disabling bank websites and interfering with customers’ ability to do online banking. The attacks, which occurred sporadically over 176 days, cost the institutions tens of millions of dollars in remediation, but no customers lost money or had their personal information stolen.

The accused hackers worked for two Iranian computer companies linked to that nation’s government, including the Islamic Revolutionary Guard Corps, the U.S. said. Charges include violating U.S. laws on computer hacking and gaining unauthorized access to a protected computer.

The seven defendants are Ahmad Fathi, 37; Hamid Firoozi, 34; Amin Shokohi, 25; Sadegh Ahmadzadegan, 23; Omid Ghaffarinia, 25; Sina Keissar, 25; and Nader Saedi, 26. Firoozi is charged alone for allegedly hacking the dam. Shokohi received credit from the Iranian government toward his mandatory military service for his work in the attacks, the U.S. alleges.

None of the seven is in U.S. custody, and it’s unclear whether they will ever be arrested or if criminal indictments in absentia are effective in combatting such crimes.